Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-53373

Опубликовано: 18 сент. 2025
Источник: redhat
CVSS3: 7
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller of seqiv may specify MAY_BACKLOG, we also need to expect EBUSY and treat it in the same way. Otherwise backlogged requests will trigger a use-after-free.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10kernelNot affected
Red Hat Enterprise Linux 6kernelUnder investigation
Red Hat Enterprise Linux 7kernelAffected
Red Hat Enterprise Linux 7kernel-rtAffected
Red Hat Enterprise Linux 8kernelAffected
Red Hat Enterprise Linux 8kernel-rtAffected
Red Hat Enterprise Linux 9kernelAffected
Red Hat Enterprise Linux 9kernel-rtAffected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=2396379kernel: crypto: seqiv - Handle EBUSY correctly

EPSS

Процентиль: 4%
0.00018
Низкий

7 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-53373

CVSS3: 7.8
ubuntu
3 месяца назад

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller of seqiv may specify MAY_BACKLOG, we also need to expect EBUSY and treat it in the same way. Otherwise backlogged requests will trigger a use-after-free.

nvd логотип

CVE-2023-53373

CVSS3: 7.8
nvd
3 месяца назад

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller of seqiv may specify MAY_BACKLOG, we also need to expect EBUSY and treat it in the same way. Otherwise backlogged requests will trigger a use-after-free.

debian логотип

CVE-2023-53373

CVSS3: 7.8
debian
3 месяца назад

In the Linux kernel, the following vulnerability has been resolved: c ...

github логотип

GHSA-gxr7-4mfg-37c7

CVSS3: 7.8
github
3 месяца назад

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller of seqiv may specify MAY_BACKLOG, we also need to expect EBUSY and treat it in the same way. Otherwise backlogged requests will trigger a use-after-free.

oracle-oval логотип

ELSA-2025-18297

oracle-oval
2 месяца назад

ELSA-2025-18297: kernel security update (MODERATE)

EPSS

Процентиль: 4%
0.00018
Низкий

7 High

CVSS3